Evil Chaincode: APT Attacks Based on Smart Contract

Li, Zhenyu; Wang, Yujue; Wen, Sheng; Ding, Yong

doi:10.1007/978-981-15-9739-8_15

Cited by 9 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• EVM Supported: The combination of Solidity + EVM is not the only choice for the smart-contract platform. However, compared to other platforms that tend to run smart contracts' code on bare metal [28], EVM's structure can naturally minimize the Remote Code Execution. In addition, as shown in Table II, GoQuorum tends to be the quickest one when testing the transaction performance by deploying comparatively a large quantity of data (e.g., a smart contract with 100KB of binaries or more).…”

Section: A Underlying Blockchain Platformmentioning

confidence: 99%

NoSneaky: A Blockchain-Based Execution Integrity Protection Scheme in Industry 4.0

Chiu

Meng

2023

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

The advancement of information technology allows the creation of smart devices that not only are programable, but also can perform machine-to-machine communication in order to reach a flexible large-scale manufacturing strategy in Industry 4.0. However, as more components are connected to the Internet, cyber-criminals can perform malicious actions remotely. As one lasting threat, sabotaging smart devices' execution integrity can cause a large financial loss, i.e., causing malfunctioning. Hence, it is important to secure the execution integrity of smart devices in Industry 4.0. Motivated by the emerging blockchain technology, in this paper, we focus on how blockchain can help Industry 4.0 application protect execution integrity and propose a blockchainbased execution protection scheme named NoSneaky, which is low-cost and can be easily integrated into the current production systems. In the evaluation, we demonstrate its performance and effectiveness in securing the execution integrity.

show abstract

Section: A Underlying Blockchain Platformmentioning

confidence: 99%

NoSneaky: A Blockchain-Based Execution Integrity Protection Scheme in Industry 4.0

Chiu

Meng

2023

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

show abstract

“…Attacks are acts of doing harm to IT assets [ 10 ]. According to the analysis of the reviewed studies, they can be classified based on: (1) the targeted assets, such as Smart Contracts [ 112 ]; (2) the cause of the vulnerability, such as the double spending vulnerability in BC technologies [ 113 ]; (3) the mechanisms’ flaws, such as flaws in consensus mechanisms in BC [ 114 ]; and (4) the affected system architecture layers, such as the network layer [ 115 ]. In addition, a number of studies identified different attack vectors [ 74 , 88 , 107 , 114 , 116 ].…”

Section: Taxonomymentioning

confidence: 99%

“… [S89] Potential Risks of Hyperledger Fabric Smart Contracts [ 167 ] A survey showing 14 potential security risks related to the Smart Contracts that are written by Go language and used in Hyperledger Fabric BC; additionally, it proposes a tool to discover security risks in Smart Contracts. [S90] Evil Chaincode: APT Attacks Based on Smart Contract [ 112 ] Review study covering the advanced persistent threat (APT) attacks on Smart Contracts, which is an attack experiment on Hyperledger Fabric that provides recommendations to build countermeasures to security vulnerabilities in Smart Contracts. [S91] Penetration testing framework for Smart Contract Blockchain [ 107 ] A Review study and a penetration test for Smart Contracts, showing security threats and attack vectors in SC (categorized to network, application, data integrity, and end-user).…”

Section: Table A1mentioning

confidence: 99%

Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT

Alamri

Crowley

Richardson

2022

Sensors

View full text Add to dashboard Cite

Blockchain (BC) has recently paved the way for developing Decentralized Identity Management (IdM) systems for different information systems. Researchers widely use it to develop decentralized IdM systems for the Health Internet of Things (HIoT). HIoT is considered a vulnerable system that produces and processes sensitive data. BC-based IdM systems have the potential to be more secure and privacy-aware than centralized IdM systems. However, many studies have shown potential security risks to using BC. A Systematic Literature Review (SLR) conducted by the authors on BC-based IdM systems in HIoT systems showed a lack of comprehensive security and risk management frameworks for BC-based IdM systems in HIoT. Conducting a further SLR focusing on risk management and supplemented by Grey Literature (GL), in this paper, a security taxonomy, security framework, and cybersecurity risk management framework for the HIoT BC-IdM systems are identified and proposed. The cybersecurity risk management framework will significantly assist developers, researchers, and organizations in developing a secure BC-based IdM to ensure HIoT users’ data privacy and security.

show abstract

A Practical Blockchain-Based Maintenance Record System for Better Aircraft Security

Jensen

Jessing²,

Chiu³

et al. 2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Evil Chaincode: APT Attacks Based on Smart Contract

Cited by 9 publications

References 9 publications

NoSneaky: A Blockchain-Based Execution Integrity Protection Scheme in Industry 4.0

NoSneaky: A Blockchain-Based Execution Integrity Protection Scheme in Industry 4.0

Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT

A Practical Blockchain-Based Maintenance Record System for Better Aircraft Security

Contact Info

Product

Resources

About